FIPS 180-4 also defines SHA2-512/224 and SHA2-512/256. Should they be added to
the table?
Tony Hansen
On 3/20/17, 7:14 PM, "openpgp on behalf of Mark D. Baushke"
<openpgp-bounces(_at_)ietf(_dot_)org on behalf of mdb(_at_)juniper(_dot_)net>
wrote:
As an editorial remark, it would be nice if rfc4880bis were to use
a consistent representation for the secure hash algorithm families.
SHA1 is sometimes written as SHA1 and sometimes written as SHA-1.
I will also note that "SHA224" "SHA256" "SHA384" "SHA512" "SHA-224"
"SHA-256" "SHA-384" and "SHA-512" might want to be more completely
specified as members of the SHA-2 family [FISP180] by using the tag
"SHA2-224" "SHA2-256" "SHA2-384" and "SHA2-512" as the algorithm name in
section 9.5 as compared with members of the SHA-3 [FIPS202] family of
algorithms: SHA3-224, SHA3-256, SHA3-384, SHA3-512 (noting that the
SHA-3 family are NOT YET a part of rfc4880bis).
https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-01
----------%<----------%<----------%<----------%<----------%<----------
…
and suggested update to section 9.5:
----------%<----------%<----------%<----------%<----------%<----------
9.5. {9.4} Hash Algorithms
+-----------+---------------------------------+--------------+
| ID | Algorithm | Text Name |
+-----------+---------------------------------+--------------+
| 1 | MD5 [HAC] | "MD5" |
| 2 | SHA-1 [FIPS180] | "SHA1" |
| 3 | RIPE-MD/160 [HAC] | "RIPEMD160" |
| 4 | Reserved | |
| 5 | Reserved | |
| 6 | Reserved | |
| 7 | Reserved | |
| 8 | SHA2-256 [FIPS180] | "SHA256" |
| 9 | SHA2-384 [FIPS180] | "SHA384" |
| 10 | SHA2-512 [FIPS180] | "SHA512" |
| 11 | SHA2-224 [FIPS180] | "SHA224" |
| 100--110 | Private/Experimental algorithm | |
+-----------+---------------------------------+--------------+
Implementations SHOULD implement SHA-1. Implementations MUST
implement SHA256. Implementations MAY implement other algorithms.
MD5 and RIPE-MD/160 are deprecated.
----------%<----------%<----------%<----------%<----------%<----------
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp